05

Feb
2013

US Energy Department, Twitter Hacked: What Next?

February 5th, 2013 | by admin admin | in News |    9   

On February 4, news spread of a major online attack on the US Department of Energy’s (DOE) Washington headquarters. Sophisticated hackers stole the personal data of several hundred employees and contractors, but no classified information.

The DOE notified employees of the breach on Friday evening. Meanwhile, also on Friday, Twitter announced that highly sophisticated hackers had accessed 250,000 user accounts. These stories followed reports last week that the New York Times  and Wall Street Journal had also been infiltrated by cyberspies in recent months.

Coincidence? Perhaps. There is no evidence linking the attacks, although espionage is suspected in the DOE and media incidents.

So what does this mean for you? Twitter has two bits of advice:

1. Change your password. Although the company has already contacted the users directly affected, it doesn’t hurt for you to review your passwords for Twitter and other online accounts. A strong password should have a mix of upper- and lower-case letters, numbers and symbols. The longer the better. Using the same password for multiple accounts makes you more vulnerable. Memorizing and managing all those passwords, however, is a whole other issue …

2. Disable Java. In case you haven’t heard yet, the US Department of Homeland Security recommends that you disable Java in your browser. Now. Read this Slate article on why and how to do it. Java was responsible for 50 percent of all cyber attacks last year in which hackers broke into computers by exploiting software bugs, according to a security expert quoted by Reuters. If you need further convincing, Apple and Mozilla now automatically disable Java by default in their browsers.

While you may not be a likely target for foreign spies, keep in mind that a Dutch hacker was sentenced on Friday for selling 100,000 credit card numbers he stole online. Your credit and ID numbers could be next.

Note: This blog discusses general safety and security topics. It is not intended to provide comprehensive advice or guidance. In all matters of personal safety and security, we encourage readers to research topics in depth and consult a security professional about specific concerns.